Boards at some of the UK’s largest companies still do not fully understand the potential impact of a cyber attack, the government has warned.
A report into FTSE 350 companies published today shows that while almost all firms have a cyber security strategy in place, just 16 per cent of boards have a comprehensive understand of the loss or disruption caused by cyber threats.
Read more: Huawei boss: 'We are a European company'
In addition, while the vast majority of businesses have a cyber security incident response plan, only around half test it on a regular basis, according to the review.
Digital minister Margot James said: “The UK is home to world leading businesses, but the threat of cyber attacks is never far away.
“We know that companies are well aware of the risks, but more needs to be done by boards to make sure that they don’t fall victim to a cyber attack.”
Despite the lagging figures, overall awareness of the threat of cyber attacks has risen in the last year, with almost three-quarters of respondents acknowledging that the risk of cyber threats is high.
The report comes amid growing concern around the risk of cyber attacks in the UK. A recent survey by accounting firm EY revealed 40 per cent of businesses see cyber threats as the biggest risk to the adoption of 5G.
Industry experts have also warned of a skills shortage in the cyber security sector, and said negative stereotypes about computer hackers have exacerbated the issue.
Ciaran Martin, chief executive of the National Cyber Security Centre, said: “Cyber security is a mainstream business risk, and board members need to understand it in the same way they understand financial or health and safety risks.”